Worried about the security? We can encrypt files before transfer. Also, we can claim the files can only be download once, or expire in several days. Here we go! Let's explore how transfer.sh file-sharing can be easy and fast from the command-line.Original article here.
Problems With Current File Transfer
Working in DevOps, I occasionally need to transfer files:
- Temporarily copy critical backup set from one server to another.
- Collect some log files and send back to the Dev team.
Usually, I use SCP to do the copy. Apparently, we only SCP via a key file instead of a password. To achieve that, I need to store my SSH private key in the server. This certainly brings in some security concerns. Yes, I can protect my SSH key with a passphrase. Even better, I can delete it immediately after I have finished the download. Hmm…that's just a bit tricky, and includes too many manual steps.
When I’m asked to copy and share some log files, I usually SCP them to my laptop, then send them over via Slack or Skype. Let’s say the file is around 500 MB. Literally speaking, we need to download 500 MB data, then send 500 MB data. Manually! This would take a lot of time for a doggy network, wouldn't it? Even worse, if the transfer interrupts, our colleagues will definitely ping us to send it again.
Use Transfer.sh to Share Files Easily
All we need is a simple and famous tool called Curl. No more SSH key. No more blindly waiting for the doggy internet.
root@denny:~# curl --upload-file /etc/hosts https://transfer.sh/hosts https://transfer.sh/BQTjC/hosts
For Window users, we can use Powershell.
# Upload using Powershell PS H:\> invoke-webrequest -method put -infile .\file.txt https://transfer.sh/file.txt
See more handy usages in transfer.sh.
What About Security?
Firstly, don’t upload any very sensitive files. Usually, we can make the transfer more secured like this:
- Limit the download count. Like with Snapchat, we only allow download once. I’m happy to get involved in this feature. See my discussion with Remco Verhoef on Twitter.
$ curl -H "Max-Downloads: 1" -H "Max-Days: 5" --upload-file ./hello.txt https://transfer.sh/hello.txt https://transfer.sh/66nb8/hello.txt # Download the file $ curl https://transfer.sh/66nb8/hello.txt -o hello.txt
- Encrypt files before the transfer.
# Encrypt files with password using gpg $ cat /tmp/hello.txt|gpg -ac -o-|curl -X PUT --upload-file "-" https://transfer.sh/test.txt # Download and decrypt $ curl https://transfer.sh/1lDau/test.txt|gpg -o- > /tmp/hello.txt
How Fast Are the Download/Upload Speeds?
From my experience, it’s fast enough to me. Frankly speaking, I don’t worry about the speed.
It’s triggered by a command line, thus machines can easily do the intelligent retries. No human intervention is required.
We get an HTTP download link for the recipients. This works perfectly in an asynchronous way.